Based on the Age distribution of Stack Overflow users some of you might also have kids in the ages when certain images can be very disturbing. An age when they cannot yet decide by themselves what might be very bad for them and what is ok.
Actually according to that graph some of the users here are still in that age range...

Anyway, I am currently using a service provided by local ISP that filters every network traffic (not only http!) except the few sites they allow and and a few other sites I added to their list. The problem is that their service makes my network connection slow and breaks often. In addition when I need to use the Internet freely I can turn off the filtering but then the other computer used by my children is not filtered either.

So I am looking for a solution where I can configure their machine, better yet only the account they are using to be limited to certain web sites.
As they are using Ubuntu Linux, I am most interested in a solution to that OS but others
in this forum might be interested in solution to other OS-es so feel free to answer those too.

I thought of using iptables but I'd rather use some tool to configure it
than just manually add rules.

I'd like to be able to allow sites such as www.google.com and stackoverflow.com but not images.google.com or youtube.com .

Yes, we are also considering just letting them use whatever they want at some point but I think at the age of 6 it is a bit early...

4 Answers
4

I would highly recommend using OpenDNS as a first point of call. You may find that it blocks out a great deal of the crap that you don't want your kids to see. It's quite feature rich, but applies the rules to anyone who uses your network/router. I wrote about it a little while ago. If you're interested, check out the post here.

If you want a per-machine solution, perhaps youc an look at something like NetNanny?

OpenDNS is certainly one option and probably the best option if you don't want the hassle of installing and configuring some software.

If you are willing to do some installation and configuration you should take a look at DansGuardian which will allow you to do the same kind of content-filtering as OpenDNS with a little more granularity (you can, for instance, dictate which users or IPs should be content-filtered and how .. and even whitelist specific URLs).

The normal mode of operation of DansGuardian is that it works in conjunction with a proxy. If you have multiple machines on a home network, you can install a proxy/firewall to be used by your entire network. If you have only a single Linux system on which you want to do this, you can install a small local proxy in conjunction with DansGuardian (there are a number of tutorials out there with instructions on how to do that).

If you are building a DansGuardian proxy/firewall - you can either roll your own or take a look at using one of the firewall in a box type Linux distributions. Two well known and widely used distributions are IPCOP (with the Advanced Proxy and URL filter add-ons) or Endian community edition - both of which provide nice web interfaces for the configuration and management of the firewall, including the content filtering. They can both be configured to download updated lists on a regular basis from various sources.